Support Desk

Install SSL Certificate Lotus Domino

Download and copy your certificate files to your server

Download your SSL certificate and support files by clicking on the download link in your fulfillment email or from your GeoCerts SSL Manager account. Unzip the files and copy them into the directory where you will keep your certificates. Some files in the zip may or may not be used depending on your server type.

You will be installing several certificate files to your domino key ring. You must be using the same key ring used to generate your certificate request (CSR). It is important that you install the certificates from your zip file in the proper order.

1. Install the GeoTrust Root CA Certificate

  1. From the Domino Administrator, click Files, and open the Server Certificate Admin application.
  2. Click Install Trusted Root Certificate into Key Ring (option 3).
  3. Enter the file name for the key ring that will store this certificate. You created this key ring file when you created the server certificate request. IBM suggests that you map a drive to the directory that contains the server key ring file.
  4. Enter the name that the key ring file will use to identify this certificate. If you leave this field blank, Domino uses the distinguished name of the certificate.
  5. From Certificate Source choose File (rather than Clipboard) and enter the file name in the File name field (GeoTrust_Root.txt).
  6. Select Merge Trusted Root Certificate into Key Ring.
  7. Enter the password for the key ring file, and then click OK.

2. Install the GeoTrust Intermediate(s) Certificate(s)

Note! Lotus Domino does not make a distinction between what we call trusted root and trusted intermediate certificates. To Domino they are all installed as trusted roots.

  1. If you are installing an Extended Validation (EV) certificate follow section 1 again exactly but this time use the file GeoTrust_Intermediate_2.txt from your zip file.
  2. Next, for all cert types, follow section 1 again but this time use the file GeoTrust_Intermediate.txt from your zip file.

3. Install the SSL Server Certificate

  1. From the Domino Administrator, click Files, and open the Server Certificate Admin application.
  2. Click Install Certificate into Key Ring (option 4).
  3. Enter the file name for the key ring that will store this certificate. You created this key ring file when you created the server certificate request. IBM suggests that you map a drive to the directory that contains the server key ring file.
  4. Enter the name that the key ring file will use to identify this certificate. If you leave this field blank, Domino uses the distinguished name of the certificate.
  5. From Certificate Source choose File (rather than Clipboard) and enter the file name in the File name field (your_domain_com.txt).
  6. Select Merge Certificate into Key Ring.
  7. Enter the password for the key ring file, and then click OK.

4. Configuring Ports

  1. Enter the Server Certificate Administration application and double-click on your server name.
  2. Select the Ports tab.
  3. Select the Internet Ports tab.
  4. Select Edit Server at the upper left corner.
  5. Enter the SSL parameters for your server.
  6. Verify the path to your keyfile in the SSL key file name field.
  7. Click Save and Close at the upper left corner.
  8. Close the Lotus Notes client window.
  9. Stop and Restart your server. The message HTTP web server started will appear.

Verify Installation

 To verify if your certificate is installed correctly, use our Certificate Installation Checker.

Test your SSL certificate by using a browser to connect to your server. Use the https protocol directive. For example, if your SSL was issued to secure.mysite.com, enter https://secure.mysite.com into your browser.

Your browser's padlock icon  will be displayed in the locked position if your certificate is installed correctly and the server is properly configured for SSL.

More Info

See Setting up SSL on a Domino server

Disclaimer: GeoCerts has made efforts to ensure the accuracy and completeness of the information in this document. However, GeoCerts makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. GeoCerts assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document. Further, GeoCerts assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. GeoCerts reserves the right to make changes to any information herein without further notice.